One of the easy ways to quickly get malware on a victim's PC is to trick them into thinking that they are getting something for free and make them install everything themselves. It is what criminals from the U.K. do in a bid to steal money from their targets.
Scammers from the U.K. send USB drives with Microsoft's Office suites in seemingly real Microsoft packaging to random addresses trying to make victims think that they received a legitimate Office Professional Plus (worth $439) by mistake. After the victim plugs the USB drive into their PC, it is not an Office launch installation wizard but encourages people to call a fake support line. The latter then persuades the casualty to hand over remote access to the PC and provide them payment information, reports Sky News (opens in new tab).
"As soon as they had plugged the USB into the computer, a warning screen appeared saying there was a virus," said Martin Pitman (opens in new tab), a cybersecurity consultant for Atheniem. "To get help and fix the issue, they needed to call a toll-free number to get the computer up and running again. As soon as they called the number on screen, the helpdesk installed some sort of [remote access program] and took control of the victim's computer. Here the hackers 'sorted' the problem and then passed the victim over to the Office 365 subscription team to help complete the action."
Baiting attacks are nothing new, but they target specific victims and rarely use postal packages for various reasons. But the fraudsters from the U.K. targeted random people using postal packages, according to the cybersecurity expert. Such targeting may seem inefficient, but if you send out a thousand counterfeit Microsoft Office packages and steal money from a few dozens of people, the act will quickly pay for itself. Moreover, it could be more efficient than sending out millions of fraudulent emails, as people these days are aware of email scammers.
Microsoft is aware of the issue but says it is a rare occurrence. However, it is not so rare for Microsoft to be mindful of it and launch an internal investigation. Nowadays, the company prefers to distribute its software via the Internet and advises its customers to visit an appropriate support page (opens in new tab) to find out how to avoid fraud and scams.
Package: Contains drive
Yeah, nothing suspect about that at all....
And then, when their AV said 'DANGER!"
...they would purposely bypass and ignore.
Heck...we see those people here every day.
I think we're all related to people like that who would then call us to help them.
We had a software get updated and it got flagged by our systems as unsafe, so I asked IT about it and they said nobody mentioned it yet. Asked around and everyone else just bypassed the warning and installed anyway.
Micorsoft Off iceInstall USB
Asking for a friend.
"Scammers from the U.K. send USB drives with Microsoft's Office suites in seemingly real Microsoft packaging to random addresses trying to make victims think that they received a legitimate Office Professional Plus (worth $439) by mistake. "
Throw up a screen saying "You are infected! Cal 555-1212 to fix"
Actually getting something to install requires at least a couple of slicks, and maybe a password.
It goes MUCH easier if a nice man on the phone is helping you 'fix' your system...;)